Project

General

Profile

Actions

Defect #5976

open

Uniqueness of User model fields is not checked sufficiently

Added by Holger Just over 14 years ago. Updated almost 12 years ago.

Status:
Confirmed
Priority:
Normal
Assignee:
-
Category:
Accounts / authentication
Start date:
2010-07-27
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:

Description

Although, the User model defines :login and :mail as unique, it is not guaranteed that these are indeed unique in the database. Parallel requests can insert the exactly same users (apart from the id) if the transaction overlap.

Therefore I propose to add a unique-index to the database to ensure uniqueness. Also, I propose to always save the login in lowercase to properly use that index. There still has to be checked if that correctly works with the legacy mixed case logins (after r3807, r3813 because of #2473).

Actions

Also available in: Atom PDF